On Tue, 2007-07-17 at 17:09 +0530, Ganesan Natarajan wrote:
> Hi All,
> I have three questions.
>
> 1. If NF_STOLEN is used as return value for the netfilter hook
> function, where the packet is given? ( I mean will it be given to user
> space?)
It is not given to anyone. It is simply ignored. It is your
responsibility to deallocate it (or give it to anyone you want).
> 2. Is there any difference between NF_DROP and NF_STOLEN?
NF_DROP means don't continue to process the packet, but deallocate it.
NF_STOLEN means don't continue to process the packet and not deallocate
it.
> 3. If the user space application uses raw sockets, can it get
> the packets from the netfilter of NF_IP_PRE_ROUTING hook by return
> NF_QUEUE?
I think you'll get the packet with raw socket regardless to what you
return to netfilter (CMIIW).
To get packets queued by netfilter use libipq (do man ipq)
> I am new to this netfilter and kernel module programming. Based on
> this only I am going to start writing kernel module.
godspeed
Hayim
>
> Ganesan
>
> --
> To unsubscribe from this list: send an email with
> "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
> Please read the FAQ at http://kernelnewbies.org/FAQ
